<!-- #include file="includes/dbConnection.inc" -->
<%
	log_name = request.Form("txtName")
	pwd = request.Form("txtPwd")
	log_status = request.Form("txtStatus")
	
	' ===========================================
	' Check for valid input
	' Last revised: May-03-07
	If log_name="" Then
		Response.Redirect("irl_access.asp")
	End if
	' ===========================================
	
	dim rst
	set rst = Server.CreateObject("ADODB.Recordset")
	
	'verify that the user is in the database or not
	sqlString = "sp_login_select '', '" & log_name & "', '" & log_status & "'"
	' response.Write(sqlString): response.End()
	rst.open sqlString, db
		
	if int(rst(0)) = 0 then
		response.Cookies("irl_failed") = "login_failed"
		call loginFailed()
	else		
		'validate user password
		if cstr(rst(2)) = pwd then
			'verify that the user was locked or not			
			if rst(5) = 0 then				
				response.Cookies("irl_failed") = "login_disabled"
				call loginFailed()				
			else				
				response.Cookies("irl_id") = rst(0)
				response.Cookies("irl_name") = rst(1)
				response.Cookies("irl_log_status") = log_status
				response.Cookies("irl_security") = rst(4)
				response.Cookies("irl_client_id") = rst(3)
				If Not IsNull(rst(6)) Then
					response.Cookies("office") = rst(6)
				End if
				If Not IsNull(rst(7)) Then
					response.Cookies("irl_role") = rst(7)
				End if
				response.Cookies("irl_failed") = ""
								
				
				' Client Dropbox
				If rst(4) = 8 Then
					Dim rsClient
					
					Set rsClient = Server.CreateObject("ADODB.Recordset")
					sqlString = "SELECT [client_name] FROM tbl_client WHERE [id]=" & rst(3)
					rsClient.Open sqlString, db
					If Not rsClient.EOF Then
						Response.Cookies("cdx_client") = rsClient(0)
					End if
					rsClient.Close
				End if
				
								
				' If not redirect plese see detail on each page below.
				Select Case rst(4)
					Case 1
						Response.Redirect("admin_page.asp")
'					Case 5
'						Response.Redirect("report_review_page.asp")
					Case 6
						Response.Redirect("dropbox_page.asp")
					Case 7
						Response.Redirect("contact_db/")
					Case 8
						Response.Redirect("client_dropbox_page.asp")
					Case Else
						Response.Redirect("old_section.htm")
				End Select
			end if
		else
			response.Cookies("irl_failed") = "login_failed"
			call loginFailed()
		end if		
	end if
		
	rst.close
	db.close
	
	set rst = nothing
	set db = nothing

	sub loginFailed()
		response.Cookies("irl_name") = ""
		response.Cookies("irl_log_status") = ""
		response.Cookies("irl_security") = ""
		response.Cookies("irL_client_id") = ""
		
		if log_status = "irl" then
			response.Redirect("irl_access.asp")
		elseif log_status = "client" then
			response.Redirect("client_access.asp")
		else
			id = request.Form("txtMicClient")	
			response.Redirect("mic_country_login.asp?id=" & id)
		end if
	end sub	
%>